Capita hit with £14m fine for personal data breach in 2023 cyber attack

The Information Commissioner’s Office has fined Capita plc and Capita Pension Solutions Ltd a combined £14m following a cyber attack in April 2023 which saw hackers gain access to over 6m people’s data. Stroud News & Journal reports: Outsourcing giant Capita has been fined £14 million by the Information Commissioner’s Office (ICO) for failing to...

Source

$19M in Settlements Underscore Cybersecurity Risks for TPAs and Insurers

Steven L. Imber, Justin T. Liby, Jennifer L. Osborn, Zachary R. Dyer, and Pavel (Pasha) A. Sternberg of Polsinelli PC write: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to substantial settlements to resolve allegations that they failed to adequately safeguard sensitive data from cyberattacks.  In the...

Source

Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records

In a special edition of “No need to hack when it’s leaking,” DataBreaches reports on a software vendor that, despite multiple attempts by multiple parties, continues to expose confidential and sealed court records.  Overview As a matter of policy, DataBreaches does not publish unredacted stolen or leaked data if it would expose personally identifiable or...

Source

From sizzle to drizzle to fizzle: The massive data leak that wasn’t (1)

After days of endlessly urging Salesforce or companies to pay them so that their data would not be leaked, the deadline for Salesforce to pay came and went. And as it went, ScatteredLAPSUS$Hunters leaked data from six of the 39 companies listed on its dark web leak site. But that’s where the massive leak that...

Source

Missing Risk Analysis Cost NY CPA Firm $175K—But Not the Big Group Whose Data Was Breached in 2019

Theresa Defino reports: Covered entities (CEs) and business associates (BAs) might be forgiven if the most recent HHS Office for Civil Rights (OCR) HIPAA enforcement action evoked little more than a yawn. Yes, the $175,000 payment isn’t a particularly large amount, and the sole alleged violation is a retread. Actually, it’s the 10th in OCR’s...

Source

Discord Confirms 70,000 Government IDs Exposed in Third-Party Breach

Divya reports: The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for age verification. Threat actors claim to have exfiltrated 1.5 terabytes of sensitive information, including over 2.1 million government-issued identification photos. However, Discord disputes these figures, stating that...

Source

Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros

Veronica P. Adams and Andrea DeField of Hunton Andrews Kurth write: Last month, Ace American Insurance Company filed a subrogation action against its insured’s cybersecurity and technology vendors, alleging missteps by the technology companies. See Ace American Insurance Company v. Congruity 360, Trustwave Holdings, Case No. 2:25-cv-15657 (D.N.J. Sep. 15, 2025). Ace seeks to recover the $500,000...

Source

NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT

Ry Crozier brings us today’s installment of the “No Need to Hack When It’s Leaking” Files: The victims of the breach are applicants to the Northern Rivers Resilient Homes Program, under which the government is offering to either buy back flood-prone homes, contribute to the cost of rebuilding, or to improve resilience such as by elevating...

Source

PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom

As noted on Reddit, PowerSchool appears to have been one of many victims of the Salesloft Drift/Salesforce campaign by Scattered LAPSUS$ Hunters. Like many other victims, PowerSchool did not disclose the incident publicly, but they did, however, post a notice in their closed users group. The notice was removed shortly thereafter, and several people have...

Source

Flagstar Agrees to $31.5 Million Deal in Accellion-Breach Suit

Christopher Brown reports: Flagstar Bank NA agreed to pay $31.5 million to settle allegations it failed to protect the personal information of nearly 2.2 million people in data breaches linked to Accellion Inc.’s file-transfer software. Class members would be eligible for up to $25,000 in documented monetary losses, three years of credit monitoring services, and...

Source

Harrods warns customers their personal data could have been stolen by hackers in new cyber-attack

Aidan Radnedge reports: Harrods has warned some customers that their personal data could have been taken in an IT systems breach – in the latest cyber-attack to hit a major UK firm. The luxury department store based in London’s Knightsbridge said information, such as names and contact details, of its e-commerce customers was taken after...

Source

ApolloMD notifies patients of 11 physician practices affected by a June cyberattack

On June 12, 2025, Qilin added ApolloMD to their darkweb leak site with a date of June 6. They claimed to have 238 GB of files. ApolloMD, headquartered in Georgia, is a business associate to hospitals and health systems, providing them with services to enhance clinical operations and patient care, and to optimize financial performance....

Source

Volvo Group Data Breach Affects Workforce PII

And ANOTHER automotive-related one, as reported by Claim Depot: Volvo Group North America LLC recently experienced a data breach impacting current and former employees. The cybersecurity incident involved Miljödata, a third-party supplier of human resources software used by Volvo. On Aug. 23, 2025, Miljödata discovered it had suffered a ransomware attack on Aug....

Source

Man arrested in UK over alleged cyberattack that affected European airports

The AP reports: A man in his 40s was arrested in southern England over an alleged cyberattack that disrupted several European airports in recent days, including at London Heathrow, law enforcement officials said Wednesday. The U.K.’s National Crime Agency said the suspect was held in West Sussex on Tuesday on suspicion of offenses involving the misuse of...

Source

Stellantis detects breach at third-party provider for North American customers (1 — ShinyHunters claims responsibility)

Update:  ShinyHunters has provided DataBreaches with some data related to the attack on Stellantis, which they now are claiming responsibility for. They tell DataBreaches that the attack was reportedly part of the Salesforce campaign, but it was only last week that many targets first received ransom notes. On inquiry, ShinyHunters provided DataBreaches with a listing...

Source

Cyberattack disrupts European airports including Heathrow, Brussels

Sabine Siebold, Christoph Steitz and Muvija M report: A cyberattack on a provider of check-in and boarding systems has disrupted operations at several major European airports including London’s Heathrow, the continent’s busiest, causing flight delays and cancellations on Saturday. Collins Aerospace, which provides systems for several airlines at airports globally, is experiencing a technical issue...

Source

Tiffany discloses data breach involving gift cards — second breach disclosure in recent months (1)

In May, Tiffany & Co. confirmed a data breach affecting an unspecified number of customers in South Korea.  Tiffany is one of LVMH Moët Hennessy Louis Vuitton’s 75 high-end brands in six different sectors. On May 26, Tiffany Korea emailed select customers to notify them of a cybersecurity breach involving unauthorized access to a vendor...

Source

Jaguar Land Rover issues update on job safety after cyber attack

James Rodger reports: Jaguar Land Rover has issued an update on job security in the wake of the crippling cyber attack. JLR has extended its production shut down in the wake of the cyber attack, with the Birmingham car giant hit by a debilitating cyber security incident last month. JLR said: “Today we have informed colleagues,...

Source

Union urges government intervention with 100,000 jobs at risk after JLR cyber attack

ITV News reports: Tens of thousands of employees who work in the Jaguar Land Rover supply chain are at risk of being laid off after the car manufacturer paused its production line following a cyber attack. The UK manufacturer was forced to shut down its systems on August 31 after becoming aware of a cyberattack...

Source
